chaves-host SSH: “ssh-keygen -H” vs “ssh-keyscan”

2

"ssh-keygen -F" parece retornar uma chave de host para um determinado nome de host (primeiro correspondido?), e "ssh-keyscan" parece retornar todos combinados, mas a ordem não está clara.

Qual é a diferença específica entre os dois?

    
por Dustin Oprea 05.08.2013 / 11:34

1 resposta

0

Na% man_de% manpage:

-H      Hash a known_hosts file.  This replaces all hostnames and addresses with hashed
        representations within the specified file; the original content is moved to a
        file with a .old suffix.  These hashes may be used normally by ssh and sshd, but 
        they do not reveal identifying information should the file's contents be 
        disclosed.  This option will not modify existing hashed hostnames and is 
        therefore safe to use on files that mix hashed and non-hashed names.

e na% man_de% manpage:

-H      Hash all hostnames and addresses in the output.  Hashed names may be used 
        normally by ssh and sshd, but they do not reveal identifying information should
        the file's contents be disclosed.

O antigo rums localmente , hashing seu arquivo ssh-keygen(1) , enquanto o último contata um servidor remoto para solicitar suas chaves.

    
por 05.08.2013 / 12:03

Tags